Feature management of a communication device

ABSTRACT

A system and method for the real-time management of a device, and more particularly to the establishment and enforcement of policies or rules associated with the feature or functions that may be performed with the device, such as making and receiving calls, exchanging data, playing games and music, sending and receiving email, accessing web sites, and paying for goods and services. If a child or employee is using the device, there may be a need to regulate how that device can be used and to determine who will pay for what goods or services. In addition to providing all of the features associated with a device, service providers need to be able to establish and enforce rules (policies) regulating how and when that device can be used and who will pay for a good or service requested by the user of the device.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.13/763,348, filed on Feb. 8, 2013, which is a continuation of U.S.patent application Ser. No. 13/603,218, filed on Sep. 4, 2012, which isa continuation of U.S. patent application Ser. No. 12/950,379 filed onNov. 19, 2010, now U.S. Pat. No. 8,285,249, issued on Oct. 9, 2012,which is a continuation of U.S. patent application Ser. No. 11/881,460filed on Jul. 26, 2007, now U.S. Pat. No. 7,899,438, issued on Mar. 1,2011, which is a Continuation-In-Part of U.S. patent application Ser.No. 11/824,336 filed on Jun. 28, 2007, now U.S. Pat. No. 7,945,238,issued on May 17, 2011, the contents of which are incorporated herein byreference in their entirety.

This application is related by subject matter to that which is disclosedin the following commonly assigned application: U.S. patent applicationSer. No. 13/786,735; U.S. patent application Ser. No. 13/786,754; U.S.patent application Ser. No. 13/786,775; U.S. patent application Ser. No.13/786,802; U.S. patent application Ser. No. 13/786,685; U.S. patentapplication Ser. No. 13/786,694; U.S. patent application Ser. No.13/786,703; U.S. patent application Ser. No. 13/786,730; U.S. patentapplication Ser. No. 13/786,745; U.S. patent application Ser. No.13/786,922; U.S. patent application Ser. No. 13/786,950; U.S. patentapplication Ser. No. 13/786,966; U.S. patent application Ser. No.13/786,986; U.S. patent application Ser. No. 13/787,004; U.S. patentapplication Ser. No. 13/786,917; U.S. patent application Ser. No.13/786,949; U.S. patent application Ser. No. 13/786,974; U.S. patentapplication Ser. No. 13/787,610; U.S. patent application Ser. No.13/787,111; all filed on Mar. 6, 2013 and all entitled “FeatureManagement of a Communication Device,” the entirety of each applicationis hereby incorporated by reference herein. This application is alsorelated by subject matter to that which is disclosed in U.S. patentapplication Ser. No. 12/027,240, filed Feb. 6, 2008, now U.S. Pat. No.7,881,697, issued Feb. 1, 2011; and to that which is disclosed in U.S.patent application Ser. No. 12/950,291, filed Nov. 19, 2010, now U.S.Pat. No. 8,078,140, issued Dec. 13, 2011 the entirety of eachapplication is hereby incorporated by reference herein.

TECHNICAL FIELD

The present invention is directed to the real-time management of adevice, and more particularly to the establishment and enforcement ofpolicies or rules associated with the feature or functions that may beperformed with the device. Modern communication devices are capable ofmany things, including making and receiving calls, exchanging data,playing games and music, sending and receiving email, accessing websites, and paying for goods and services. Depending on who is using thecommunication device, such as a child or an employee, there may be aneed or desire to regulate how that communication device can be used andto determine who will pay for what goods or services. In addition toproviding all of the features associated with a device, serviceproviders need to be able to establish and enforce rules (policies)regulating how and when that device can be used and who will pay for agood or service requested by the user of the device.

BACKGROUND

Postpaid cellular phone (cell phone) services typically allow the userof a cell phone to spend unlimited amounts of money for services. Inother words, there is nothing to stop the user from running up a hugecell phone bill. Many parents have experienced this issue with theirchildren, prompting the parents to take their children's phones away orto otherwise restrict their children's access to the phones.Unfortunately, modern society requires that parents have the ability tocontact their children by cell phone and vice versa, so the cell phonesare often returned to the children despite the possibility of futureabuse.

The same type of issue exists between employers and employees and otherparties in similar administrator/user relationships with respect to theuse/abuse of cell phones and other devices. For example, an employer maywant an employee to have a communications or mobile computing device,but may not want to pay for certain services or applications that theemployee can access with the device or may want to limit how, when, andhow much of those services or applications can be used by the employee.Likewise, a government agency or school might be willing to pay for orsubsidize certain communications services or applications, but notothers. Without the ability to somehow restrict the employee's abilityto use services or applications that the employer does not want to payfor or to shift payment obligations for those services or applicationsto the employee, many employers are forced to give their employees thedevices anyway and hope for the best.

One partial solution to the problems associated with postpaid cellularphone abuse is the prepaid cellular phone. Prepaid phone services limitspending because the user of the phone can only use what has been paidfor in advance. Many children, however, are not responsible or matureenough to adequately track and maintain their prepaid phone serviceaccounts, and many parents have too many other obligations to keep closetrack of their children's cell phone use, so as to make sure the phoneservice accounts are adequately funded all of the time. The net resultcan be disastrous. For example, if a child uses up all of the funds intheir prepaid account, and their phone service provider shuts downaccess to its services, the child will not be able to call a parent inthe event of an emergency, or arrange to be picked up after school or asporting event, etc.

Thus, a prepaid phone service does not solve the problem of ensuringavailability of key services even if the prepaid account has run out ofmoney. In addition to insuring the safety of their children, manyparents, employers and others would like to be able to exerciseadministrative control over the services and activities that a child,employee, etc., is allowed to pay for out of their prepaid account, butprepaid accounts have not been structured to provide such administrativecontrol or feature management. Feature management can encompass manyactivities, such as preventing a feature or service from being usedentirely, limiting how much a feature or service can be used in a giventime period, or limiting when a given feature or service can be used(i.e. time of day, days in month, etc).

Prior attempts by prepaid service providers to address these problemshave only resulted in partial solutions. Some service providers haveprovided for rollover usage minutes, which are minutes that were notused as part of a user's service plan and are allowed to roll over tothe same user for use in the next month. In some cases, this mightprevent a user from running out of minutes in the next month, but itdoes not guarantee that the user will not use up all of their monthlyminutes, plus the rollover minutes, and be denied access to key servicesanyway. Other service providers have provided an automated refillservice, which automatically bills some amount to a credit card torecharge the user's prepaid account in the event the balance in theuser's account gets too low. However, a prepaid phone service with anautomated refill service is the equivalent of a postpaid phone serviceand would therefore have the same problem with potential abuse as apostpaid service. In other words, there is no spending limit on thephone service.

Postpaid services have also attempted to address these problems byoffering users unlimited usage packages that limit a user's exposure torunning up charges. However, for parents who are also interested inpreventing their children from sending 300 text messages per day withtheir phone, or running up a huge bill for services that are notincluded in the “unlimited usage package,” such as downloaded games orringtones, unlimited usage offerings are not a complete solution.Another partial solution is to provide the administrator (parent) withan alert when a user has reached some limit for a service. For example,a parent could be alerted when a child has spent more than $10 on textmessages within a certain period of time. An alert, however, does notactually limit usage of the service, it just warns the parent that thelimit has been reached, at which point the parent has to intervene toprevent further abuse, such as by taking the phone away from the child,which is one of the problems with postpaid services in the first place.

It is further known in the art to provide an account for a user of aprepaid phone, such as a cellular phone, in which funds are storedelectronically for future use of the phone. For example, a serviceprovider could establish an account for a user, in which funds can bestored, such as through use of a credit card charge or electronictransfer from a bank account. In some cases, corporate customers withmultiple users under the same service provider might be able to have asingle account for their business, with subaccounts assigned to certainphones and charged to the particular departments within the corporationto which the employees using those phones correspond. Some serviceproviders also provide affinity accounts, which include special ratesand promotions for groups of people belonging to a similar business,club, etc. In each case, however, these accounts operate separate fromone another in that all of the charges for a particular phone arecharged to a particular account, rather than some charges being billedto one account while other charges are billed to another account. Thesame is true with respect to discounts and promotions, i.e., a discountor promotion is either applied to an existing account or it is not.

Finally, it is further known to establish some measure of parental oradministrative control over an account. The Telcordia™ ConvergedReal-Time Charging system allows users to place limited real-timecontrols over prepaid and postpaid accounts. For example, when anaccount allows a child to download premium data (data for which a chargeis imposed), parental controls over that account can be set to limitthat child's spending within a set of parameters. This system and othersolutions, however, are only partial solutions to the problem ofproviding limits on overspending and other activities by the user whilesimultaneously assuring that the user will always be able to use thephone when appropriately needed.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flow chart illustrating, at a high-level, the process ofinitiating and permitting a service to be initiated;

FIG. 2 is a flow chart illustrating the process of initiating a datasession for a mobile device, checking the data policies associated withthat device, and enforcing those data policies;

FIG. 3 is a block diagram illustrating a contact management feature;

FIG. 4 is a block diagram illustrating a feature management feature; and

FIG. 5 is a block diagram illustrating an edit setting screen for feedsbased on the feature management feature of FIG. 4.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

The present invention is directed to the real-time management of adevice in general, and more particularly to the management of a phone byan administrator, such as a parent, guardian, financier, employer,supervisor, or responsible party, who can specifically control the useof the phone through management of its features and the walletsassociated with the phone. In the context of the present invention, awallet is like an electronic account that has certain added featuresthat accounts do not have and which can be used in additional ways thataccounts are not used. A wallet can also be a singular item thatincludes a number of control features or a collection of items, eachhaving their own control features, which operate in conjunction orcooperate with one another to achieve the same purpose as a singularitem.

An account would typically include configuration settings for differentservices available to a user assigned to the account, would include auser's profile information, and would provide the user with the abilityto manage the features that are activated for the account. Featuremanagement can be implemented with or without wallets, but isillustrated herein with wallets to provide a more thorough explanationof how feature management works. Some of the features of a wallet thatare added to an account include how money is entered into the wallet,who holds or has access to the wallet, the rules that apply to how eachwallet can be used for different services, and the hierarchical use ofthe wallets for each service.

Managing features associated with a phone empowers the administrator tocontrol how the phone is used and goods and services are paid. Forexample, a common problem with providing a child a cell phone is thatthey have free reign over downloading ringtones and games. Throughfeature management, rules can be established for managing thedownloading of content, including:

-   -   turning off the download capability entirely;    -   limiting how many ringtones and/or games can be purchased in a        given time frame;    -   sending alerts when a certain dollar or unit threshold has been        reached over a given time frame;    -   choosing to have the administrator pay for specific types of        content, like educational applications or work productivity        applications;    -   using a pre-defined or dynamically-created filter on such things        as downloadable content or surfable Web sites (i.e. set to only        allow games to be purchased with an “E” rating); or    -   choosing the time frame (time of day, days of week, etc.) when        downloads can occur.

Wallets also differ from accounts in that multiple wallets can be tiedto a single device, such as a phone, a single wallet can be tied tomultiple devices, and wallets can be completely dynamic, i.e., thewallet is not tied to any one device. For example, a dynamic walletcould be a “picture messaging” wallet, where that wallet is only usedfor photo services, which may be funded by the administrator, the userof the phone, or an outside party (i.e. friends or family). That dynamicwallet could apply to a single user's wallet, or across multiple walletsin a given account (i.e. across children in a family or employees in acompany).

Additional wallets can also be used as back up payment sources for asingle wallet associated with a device. These additional wallets can beset up to automatically cover the cost of specific services for thedevice or as back-up for the user wallet in the event it runs low onfunds. If the user of a prepaid phone is a child that needs to calltheir mother, but the child's wallet is low on funds, the mother'swallet could be used to cover the cost of the call from the child toher. For even greater security, the mother's wallet could be backed by acredit card that automatically adds funds to the wallet when needed sothere could be no possibility of the mother's wallet running out ofmoney.

It should be noted that although the term “funds” is used herein torefer to the value stored in or charged to a wallet, an electronicwallet could also be used to store and spend almost any type of unit ofvalue, whether money, credits, or some other indicator.

Returning to the example above, the wallets assigned to the child'sphone could also be arranged so that calls with family members werealways covered by the parent's wallets, but calls with the child'sfriends were always covered by the child's wallet. Other services, inaddition to calls, such as downloads of games, wallpaper, ring tones,etc., or the sending and receiving of SMS text messages, could beallocated between the different wallets as well, with some servicesbeing paid by the parent, some services being paid by the child, or anyother arrangement they prefer.

Requiring a child to pay for certain services can be a very effectiveway to help teach that child the difference between “want” versus“need,” which tends to be much clearer to children when they are forcedto buy something they “want,” but do not “need,” with their own money.

Of course, the organization and structure of wallets is not limited tojust phones for children. Such wallets are effective tools for any phoneuser that requires some level of supervision, such as a handicappedindividual, a person suffering from dementia, a corporate employee, oreven an adult that has shown poor judgment in the past and requires helpmanaging their affairs. Additionally, wallets could support a wide andvarious range of devices including communications, computing or gamedevices and a range of users and administrators including corporatesponsors, government agencies, schools, healthcare providers andemployers. For example, a phone associated with a user wallet and anadministrator wallet could be provided to an employee, such as a childcare provider, that enabled the child care provider to only call orreceive calls from a parent of the child being watched, and emergencyservices, but no one else. Alternatively, the phone could be set upwithout restrictions, but with multiple wallets that allocated out theexpense of calls to the appropriate parties. For example, calls to andfrom parents could be managed so as to be paid by the parents, alongwith emergency calls and other such things, whereas all other calls,such as personal calls by the child care provider, could be managed soas to be paid for out of the child care provider's wallet.

Additional wallets, such as promotional wallets established by the phoneservice provider, could be used to cover the cost of other services, fora specified period of time, for a specified number of services, or forany of numerous other purposes. Likewise, dynamic wallets could beestablished that could be used in association with any device and/orother wallets for any purpose, whenever the owner of the dynamic walletso chooses.

With respect to any device/phone for which one or more wallets areestablished, there would be an administrator, such as a parent,employer, guardian, etc. The administrator would be responsible forestablishing the rules or parameters under which the phone and the phoneuser's wallet could be used. If so desired, the administrator couldestablish an administrator's wallet that was tied to the same phone ormultiple phones and establish additional rules or parameters under whichthe administrator's wallet could be used in place of or in conjunctionwith the user's wallet. As the administrator for one or more phonewallets, the administrator could also move money between differentwallets. This would enable a family or company to manage their phoneservice budget in a manner that was not possible with a traditional bulk“shared plan,” i.e., a 1000 minute/month voice bundle, where every userassigned to the plan had an equal ability to use the plan.

Before explaining feature management and wallets in greater detail, themanner in which wallets can be utilized in a telecommunications networkwill first be described. Although wallets could be implemented in anytype of situation, a mobile telecommunications network is referenced inFIG. 1 as a particularly appropriate environment for the implementationof wallets. Wallets, however, could be associated with any type ofdevice that is subject to use by someone other than the administratorand that can be in communication with an appropriate control network.This type of device is referenced herein as a communication device, notbecause the device is used for communication, but because it is capableof being in communication with the control network. Hence, the devicecould be a PDA, a photocopier, a game, a computer, a network device, abicycle, or any type of device that one could imagine that is capable ofbeing remotely controlled by logical rules. Also, the types of itemsthat could be purchased or used by the device or ways in which thedevice can be controlled are only limited by the nature of the device.While a cellular phone is usually used to make phone calls, it can alsobe used for many other functions, including send and receive textmessages, download and play games, music, movies, etc., and even makepurchases of other objects or services that have nothing to do with thedevice, such as a gift at a shop, or a drink from a soda machine.

As illustrated in FIG. 1, the phone or mobile station 10, such as acellular phone, smart phone, personal data assistant (PDA), or any othertype of mobile computing platform, is utilized to originate a service,such as a call or message, using common standardized methods, e.g., asdefined in IS-136 (a TDMA standard), IS-95 (a CDMA standard), etc. Thephone/mobile station 10 would first establish a connection with a basestation 12, which would in turn connect to an originating mobileswitching center (O-MSC) 14. Upon receiving the origination request fora service from the base station 12, the O-MSC 14 would attempt toauthenticate the mobile station 10 by querying a visitor locationregister 16 and a home location register 18 to determine if the mobilestation 10 is registered with the telecommunications network andauthorized for use on that network, collectively referred to as“validation.”

Upon successful validation, the O-MSC 14 would trigger the servicemanager 20, based on standardized methods, e.g., as defined in IS-41,IS-771, IS-826, etc. The service manager 20 would first authenticate thesubscriber of the mobile station 10 based on their mobile directorynumber (MDN) and/or their mobile subscriber identification (MSID), orsome other type of identifier, as a valid subscriber. The term“subscriber” is used to generically define the person or entity thatsubscribed the phone to the telecommunications network, whether thathappens to be the user or an administrator. If the subscriber is notvalid, the subscriber will be notified through the mobile station 10 andthe session will be terminated. If the subscriber is valid, the servicemanager 20 will then enforce the provisioned voice or data policies orrules for the particular user of the mobile station 10, which includes,but is not limited to, wallet balance, wallet state/status, provisionedservices, other functions or functional restrictions (such as contactrestrictions, time-of-day restrictions or allowed number listfunctions/blocked number list restrictions), user selected servicecontrols, etc. If the user fails any of the provisioned policies, theuser will be notified and the session will be terminated. Theprovisioned policies are established by one or more global rules and/orone or more local rules, as further described below. Operation of theservice manager with respect to data service feature management (datapolicy) establishment and enforcement is further illustrated in FIG. 2.

If the session is allowed to progress, the service manager 20 will thenrate and charge the service transactions requested during that session.To do this, the service manager 20 again looks to the global level rulesand the user level rules that have been established for the device inquestion. In addition to including or establishing the provisionedpolicies, the rules establish an order of precedence as to how thedevice/phone is to be administered and how authorized transactions aregoing to be charged. The global rules are checked first. If a servicetransaction requested can be categorized according to one of the globalrules, the service transaction will be rated and charged according tothe global rules. For example, the phone service provider couldestablish that any call to its customer support phone numbers will beallowed and should always be free to its users, in which case the userlevel rules would not apply.

The user level rules define how a user is to be rated and charged onceit is determined that the global level rules do not apply to the servicetransaction request and/or payment. Additional rules can also beestablished that work in between the global rules and the user rules,such as promotional wallet rules and dynamic wallet rules. Theseadditional rules can be integrated as follows: for each phone/mobilestation, the service manager 20 has a variety of phone/mobile stationwallets allocated to support multiple services and functions, such as auser wallet, and administrator wallet, and a promotional wallet. If theservice transaction request has been authorized by the global rules, theservice manager 20 would then check to see if the service transactioncould be charged to another wallet.

For example, a promotional wallet could be established to discountcertain transactions, or to provide rewards or credits for particularservices, or to provide certain free transactions. If the promotionalwallet applies and there is a sufficient balance in the promotionalwallet, then the promotional wallet would be decremented (unless thepromotional wallet was being incremented for use of a service instead).If the service transaction is not a promotional activity, the servicemanager 20 will apply other user level rules and either charge theuser's wallet or the administrator's wallet. Dynamic wallets are furtherdescribed below, but they would work in a similar fashion.

Whether a charge for a service transaction is taken from the user'swallet, the administrator's wallet, or some other wallet, depends on theuser level (local) rules established by the administrator for that user.Hence, the administrator has the ability to specify unique servicetransactions as being charged to their wallet versus the user's walletthrough use of unique identifiers for each service transaction (e.g.,MDNs to be charged to the administrator's wallet for voice/SMS/MMS,content identifiers to be charged to the administrator's wallet, IMscreen names to be charged to the user's wallet, etc.). In the contextof a pre-paid phone, a wallet would typically include a balance thatcorresponds to some amount of United States Dollars deposited with theservice provider. In other contexts, as noted above, a wallet could bedesigned to hold any unit of value in place of dollars, including othercurrency types, service units, assets, or even something completely madeup that only has value in some limited context, like virtual money in amultiplayer, on-line, role playing game.

Once the service transaction has been rated and charged, the servicetransaction is permitted to continue. If the service transaction is acall, a download, a text message or any other service that requires theuser's phone/mobile station 10 to be connected to another mobile stationor device connected to a mobile station, a connection would beestablished to the terminating mobile switching center (T-MSC) 22 andthen connected to the mobile station 24, assuming mobile station 24 orthe device connected to it is available and the service transaction canbe completed.

FIG. 2 provides a description of how a mobile communication device isutilized to originate a data session and how data service featuremanagement operates. As in FIG. 1, the mobile station 10 originates asession (data in this case, but could also be voice as shown in FIG. 1)by establishing a connection with base station 12, which in turnconnects to an originating packet data serving node (O-PDSN) 25. TheO-PDSN 25 acts as a gateway by providing access to the Internet,intranets and applications servers for the mobile station 10 and acts asa client for the home agent 26 and the authentication, authorization andaccounting (AAA) Server 27. Upon receipt of an origination request for aservice from the base station 12, the O-PDSN 25 will attempt to validatethe request. Validation involves first attempting to authenticate themobile station 10 by querying the AAA Server 27 and the home agent 26 todetermine if the mobile station 10 is authorized to perform therequested action within the carrier network. If the mobile station 10has been validated, the O-PDSN 25 will obtain an IP address for the datasession and route the mobile station 10 to the appropriate policyenforcement point (PEP) 28.

The PEP 28 is a logical element that can be physically housed in anotherpacket data serving node or a gateway device, depending on the servicerequest, such as a wireless application protocol (WAP) gateway, instantmessaging gateway, email gateway, multimedia messaging service gateway,etc. The PEP 28 is responsible for enforcing a decision by the servicemanager 20 and policy decision point 29 to accept or reject the servicerequest.

The PEP 28 operates in conjunction with the policy decision point (PDP)29, and depending on the configuration of the network possibly theservice manager 20, to authenticate the subscriber of the mobile station10 as a valid subscriber, based on their MDN and MSID, or some othertype of identifier. The PDP 29 is also a logical element that can bephysically housed in the service manager 20 or in another serveraccessible to either the service manager 20 or the PEP 28. The PDPmaintains or stores a list of policies that have been established tocontrol the features and functions of the mobile station 10 and decides,based on those policies, to either accept or reject the service request.

Such requests might be initiated by the device, such as when the user ofthe device sends a request to download some type of content, such as agame, a ringtone, a website, a picture message, a text message, etc. Inother cases, the request might be initiated by another device seeking tocommunicate with the user's device. For example, the user of mobilestation 10 might have a text message sent to her/him by a friend, but ifa policy is in place that prevents the user from receiving text messagesat the time the message is sent, then the request to communicate withthe user will be denied. Likewise, the user's request may not haveanything to do with making a call or downloading content, but ratherjust to use some feature or function of the device, such as a game thatis already stored on the device. Even in this instance, the device wouldneed to communicate with the PDP to determine if a policy is in placethat would prevent use of the feature or function for some reason, suchas the wrong time of the day, the wrong day of the week, the game hasbeen played in excess of some time limit set on the game, etc.

In situations where the subscriber is not valid, PEP 28 will notify thesubscriber through the mobile station 10 and take one of a number ofdifferent possible actions, such as terminating the session ortransaction associated with the service request, redirecting orrewriting the session or transaction, degrading the session ortransaction to a lower quality or class of service, etc. If thesubscriber is valid, PEP 28 will enforce the provisioned policies forthe particular subscriber of the mobile station 10. As noted above,these policies can cover many different rules that apply to the featuresor functions of the device based on requests sent to or received fromthe device. These policies, include those items noted above, but alsoinclude many other things, such as wallet balances, wallet state/status,provisioned services/features, user selected service controls, and otherfunctions or functional restrictions, such as URL restrictions, contenttype restrictions, time-of-day restrictions, quality/class of servicerestrictions, etc.

If any of the provisioned policies fail (e.g., a restriction is met),the subscriber is notified and the PEP 28 will take one of a number ofdifferent possible actions, such as terminating the session ortransaction, redirecting or rewriting the session or transactions,degrading the session or transaction to a lower quality or class ofservice, etc. When the requester is not the subscriber, it may bepreferable to notify the requester or notify both the requester and thesubscriber. For example, if someone attempted to call the user, or sendan email, Instant Message, or text message to the user, and there was apolicy in place that prevented the call or communication, then it mightbe necessary to tell that someone so they know why they cannot contactthe user at that time. It may also be necessary to notify the subscriberor an administrator so they know what happened as well. If all of thepolicies pass, then the session or transaction associated with theservice request is permitted to continue.

Wallets can be set up and administered in a number of different ways.For example, in the pre-paid cell phone context, the administrator anduser could sit down together at a computer connected to a websiteassociated with the service provider of the phone and view and/or editwallet settings for that user's phone. The administrator could also callthe service provider and administer the user wallet and administratorwallet over the phone. While the user wallet is generally going to beassociated with the device being used, which itself will have some formof unique identifier, the administrator wallet will not necessarily betied to just the one device. Hence, the administrator wallet, like anyof the other wallets that could be established (promotional, dynamic)just needs to have a unique identifier that could be used to associatethe administrator wallet with each of the devices it will be managing.

An example of a system for managing a number of user wallets from withina single administrator wallet, in accordance with a preferred embodimentof the present invention, is illustrated in FIG. 3. The Contact Manager30 generally illustrated in FIG. 3 is in the form of a webpage on awebsite that enables an administrator to manage one or more walletsassociated with that administrator and/or multiple users. The ContactManager 30 can also be used by the users to manage their user wallets ina similar fashion. Since the Contact Manager 30 illustrated in FIG. 3 isa webpage, underlined text indicates hypertext or hyperlinks that can beselected with a pointing device to go to other webpages or even otherwebsites.

As shown in FIG. 3, Daniel is the administrator, as indicated in area 32and has administrative rights over three shown users, Eleanor, Ryan andSteve, and an unspecified number of additional users. The walletsummaries for Eleanor, Ryan, and Steve are shown in the Account Overviewarea 34. The additional user wallets would be visible if the “See allaccounts” option, located below area 34, was chosen.

Daniel is shown to have a balance of $70.53 USD in his administratorwallet shown in area 32. Eleanor's name, phone number, and a balance of$0 USD in her wallet, are shown in the upper part of Account Overviewarea 34. Likewise, Ryan's and Steve's names, phone numbers, and walletbalances are also shown in area 34. Both Ryan and Steve have positivecash balances in their wallets. Because Eleanor has a zero balance, shealso has a low balance alert shown below her wallet summary to alertDaniel. As Eleanor has a zero balance, she cannot initiate a serviceunless Daniel has indicated that he would be willing to pay for theservice from his wallet or has authorized some other wallet to apply toany service transaction desired by Eleanor.

Based on this alert, Daniel is presented with the options of informingEleanor to add money to her wallet or adding money to Eleanor's walleton his own. Although many different methods of refilling a wallet couldbe provided, the two options shown are to refill Eleanor's wallet now orto set up an automatic refill for Eleanor's wallet. The refill andauto-refill options are further discussed with respect to FIG. 3 below.The low balance alerts could also be set at different levels other thanzero. The administrator or the user could set the low balance level fora wallet at $5 USD or $10 USD, or set multiple low balance alerts thatare each treated the same or in different ways. For example, a firstalert could be sent only to the user, such as through an email, a textmessage, or in some other manner, while a second lower balance levelalert was sent only to the administrator.

The Contact Manager 30 serves a number of purposes, including: (1) toenable the administrator to manage all of the wallets associated withthat administrator; (2) to establish certain general rules that controldevice functions and payment; and (3) to establish certain local rulesthat control device function and payment. As shown in FIG. 3, Daniel haschosen to manage Steve's wallet. The arrow 35 next to Steve's name wouldactivate a drop down menu that would enable Daniel to select a differentuser wallet to manage, such as Eleanor's wallet or Ryan's wallet. SinceSteve's wallet has been selected, Steve's Contacts are illustrated inthe local rules area 36. The global rules associated with Steve's walletare illustrated in the global rules area 38.

The Contact Manager 30 could be configured to enable Daniel to managemany additional or different services or functions (downloads, etc.) forSteve in the same manner as calls and text messages are illustrated inareas 36 and 38. For example, in addition to indicating the names andnumbers of people that Steve can or cannot communicate with by calls ortext, referred to herein as allowed number lists/blocked number lists orcontact management function, the Contact Manager 30 could also beconfigured to enable Daniel to select and manage the features orfunctions of Steve's phone that Steve could use, such as the ability touse the wallet to pay for physical goods at a store using the phone,(i.e., a feature management function), or the time of day during whichthe phone could be used in general or for specific purposes (e.g., okayto call Jeff, but only between 3 pm and 6 pm), i.e., a time managementfunction. A separate page could also be provided, as illustrated in FIG.4, that combines various restrictions on specific features, such aschoosing for Steve when that feature can be used, how much it can beused (if at all), and who is going to pay for the feature or function.Dynamic wallets could also be managed on that web page or on another webpage on a per-person or per-feature basis.

As used herein, the term blocked number list refers to a list of phonenumbers that have been blocked, both in terms of sending calls/texts toSteve's phone and receiving calls/texts from Steve's phone. The termallowed number list refers to a list of phone numbers that have beenpermitted, both in terms of sending calls/texts to Steve's phone andreceiving calls/texts from Steve's phone.

Although many different functions associated with Steve's phone could bemanaged through Daniel's wallet, in order to more clearly illustrate howthe Contact Manager 30 would be used to manage Steve's wallet, FIG. 3only illustrates one function, the contact management function. Theadditional functions, such as feature management and time managementwould be similarly structured and could be shown as part of the ContactManager 30, or as separate management functions on other web pages, asillustrated in FIG. 4. In addition to managing a specific functionwithin a function manager, it is also possible to override functionalcontrols within one function manager from within another functionmanager. This point is further described below with respect to the“Override Restrictions” feature 40 of the Contact Manager 30.

The local rules established for Steve in local rules area 36 include thecontact and payment rules associated with three specific people andtheir phone numbers and the general category of “All Other Numbers.” Foreach contact, Daniel can decide to either allow calls/texts to thecontact, or to block such calls/texts, by clicking on the circular radiobuttons illustrated in area 36. When a radio button has been selected orclicked, the central area of the radio button is darkened. When theradio button has not been selected, the central area is clear. Danielcan also specify whose wallet will be used to pay for any suchcalls/texts.

As illustrated, calls/texts to Jack are allowed and are to be paid forout of Daniel's wallet. Since Daniel is the administrator of Steve,Daniel's wallet is referred to as the “Admin Wallet.” Differentlanguage, other than “Admin Wallet,” could obviously be used indifferent contexts. For example, if Daniel was Steve's parent, Daniel'swallet could be referred to as a parent wallet. If Daniel was anemployer and Steve an employee, Daniel's wallet could have a differentname, etc. Since Daniel has indicated he would pay for any call to orfrom Jack and Steve, even if Steve had no money is his wallet, Jack andSteve would still be allowed to communicate and the charges would becharged to Daniel's wallet.

While calls/texts with Jeff are also permitted, they are to be paid forby Steve out of his wallet, since Steve's wallet has been selected. IfSteve runs out of money in his wallet, however, he would no longer beable to communicate with Jeff until Steve refilled his wallet becauseneither the Admin wallet nor Grandma's wallet has also been selected. Itshould be noted therefore that the wallets are not mutually exclusive.Hence, with respect to Jeff, both Steve and Grandma's wallet could beselected at the same time, or even all three wallets (Admin, Steve andGrandma) could be simultaneously selected. In such a case, additionallocal rules would be used to establish an order of precedence betweeneach of the wallets. For example, calls with Jeff would first be paidfor by Steve, but when Steve ran out of money, Grandma would cover thecost of such calls, either for a limited amount of money, for a limitedamount of time, or until Grandma ran out of money as well, in which casethe Admin wallet would be charged. Many other orders of precedence couldobviously be established.

With respect to Jane, any call or texts are permitted and will be paidfor out of Grandma's wallet. In this case, Grandma's wallet is a dynamicwallet that is associated with Steve's wallet and Steve's device, but isnot controlled by Grandma. Grandma has set up a wallet, put funds in itand indicated to Daniel that her wallet can be used by Steve for thespecific purpose of calling Jane. Grandma's wallet could also beassociated with any of a number of different administrators, anddifferent users, for different purposes and functions with respect toeach user. In this case, Grandma's wallet only has a unique identifierthat enables it to be associated with other wallets as she so directs,but is not associated with any particular device, per se. Grandma'swallet could also just be associated with Steve's wallet or even theAdmin wallet without any specific function associated with it. Thus,Steve and the Admin could use the funds in Grandma's wallet, asdetermined by the Admin, for any purpose they might choose.

Also shown in FIG. 3 is the name of “All Other Numbers.” Because the“No” choice was selected for “All Other Numbers,” no calls/texts to orfrom any numbers other than those shown in the local rules area 36 arepermitted by the local rules. Since no communication is permitted withnumbers other than Jack, Jeff and Jane, there is no need to designatewhose wallet would be charged for such communication. FIG. 3 furtherillustrates an “Override Restrictions” function 40, which serves as alocal rule that can be used to override any restrictions on functionsapplicable to Steve, such as a time of day restriction. An overriderestriction could be set up to be very narrow or very broad. Asillustrated in FIG. 3, the override restriction is unspecified, so itcould apply to only a narrow set of functional restrictions establishedby other local rules on web pages not shown herein, or to any otherfunctional restrictions that could have been established.

The Override Restrictions feature 40 can be useful for parents that wantto restrict generally when a child can use a phone, except with respectto communication with certain people. For example, if Jack was a childcare provider for Steve, Daniel would want Steve to be able to contactJack at any time, and vice versa, even if Steve was not otherwiseallowed to use his phone between 9 am and 3 pm, i.e., during schoolhours. The ability to regulate when a phone can be and cannot be usedcan also be of value to parents and school districts with respect toresolving one of the greatest conflicts that exist betweenparents/students and school administrators—mobile phone usage by kids.Parents want children to have a mobile phone with them so the child cancall the parent if need be, i.e., if someone forgets to pick the childup after school. School districts do not want the children to have thephones at all because the students tend to misuse the phones, i.e., tocall friends during school, to cheat, to engage in illegal activity,etc. While the school districts believe that children should berelegated to only using the school phones if the children need tocontact a parent, the parents want the children to have the phones withthem in case they get locked out of the school, get lost on a fieldtrip, etc.

The override restrictions feature 40 can be used in many other contextsas well and is not limited to just overriding a restriction on time ofday usage, which could be the manner in which this function is used withrespect to FIG. 3. Basically, any restriction that might be in place dueto a local rule could be set up to be overridden. If another local rulewas established to regulate the downloading of some game, or the use ofsome other features/functions, or the use of the device in some othercontext, activation of the override restrictions function would causethat local rule restriction to be by-passed until the overriderestrictions function was deactivated.

As illustrated in FIG. 3, only Daniel is permitted to manage Steve'sphone, but Steve's phone could also be set up to be managed by Steve'sschool as well. For example, Daniel could register with a mobile phoneservice through the school that permits Steve to have his phone with himat school, rather than in a locker, but which tightly controls how thephone can be used during school hours. For example, only certainfunctions or features could be enabled during school hours so the phonecould not be used to cheat, or to play games, or to call other students,but the phone could be used to call/text a parent or certain otherpeople that were permitted to be called. If Steve's phone had some formof location feature associated with it, i.e., a feature that enabled thephone's location to be roughly estimated, the school control functioncould be set to only be operational when Steve's phone was on schoolproperty. In this manner, if Steve had to walk home, or was on a fieldtrip, the phone would still work as permitted by Daniel, even if theschool had other limiting control on Steve's phone at that time.Additionally, the school could decide to restrict functions or featuresby specific groups, such as by grade or by people participating inspecific activities.

Area 42 includes additional functions that enable changes to area 36 and38 to be saved, or for new contacts to be added.

Obviously, the local rules could be much more extensive than asillustrated in the local rules area 36 of FIG. 3, which is also truewith respect to the global rules shown in global rules area 38. Asillustrated in FIG. 3, only three global rules are illustrated: (1) 911calls are allowed and are always free; (2) Customer Care Calls arealways allowed and are free; and (3) 900-number Calls are not allowed.Since these are global rules, even though the local rules do not allowcalls and texts to or from numbers other than those contacts listed inSteve's contact, calls to 911 and to Customer Care Calls would bepermitted despite the local rules. In the same context, even if thelocal rules permitted calls to other numbers, by selecting a global ruleblocking 900-number calls, the global rule applies first and the localrules are not considered.

Although the administrator wallet would typically be arranged to coverzero balances in the user's wallet, this arrangement could be reversedunder certain circumstances. For example, if a service was designated asbeing paid from the administrator's wallet, but the administrator'swallet had a zero balance, rather than block the service, the paymentcould be set to revert back to being paid by the user's wallet, oranother wallet (Grandma's wallet) as described above. This type ofarrangement ensures maximum security for both the administrator and theuser with respect to important services, provided any of the otherwallets have money in them.

In addition to paying for certain services, the administrator can chooseto move funds or units of value, such as airtime and service units,between wallets. For example, the administrator could manually transfer$10 USD from the administrator's wallet to the user's wallet at anytime, or the administrator could set up an automatic transfer ofspecified amounts at specified times. In the context of a parentadministrator and a child user, a transfer of money from theadministrator's wallet to the phone user's wallet could be structured tomirror a real-world “allowance.” The administrator could also movefunds/units between different user wallets or even permit or control howdifferent users “trade” funds/units between their wallets. For example,two employees might trade funds between their wallets or two childrenmight trade electronic toys, merchandise, phone usage units, or fundsfor their phones through their wallets.

As previously referenced, FIG. 3 illustrates how an administrator cancontrol features or functions associated with a subscribers phone, inthat case who the subscriber can call or not, and who pays for whichcalls, but could also be configured to enable the administrator tocontrol more features and functions. Alternatively, a separateapplication or web page 50 could be established to enable theadministrator to control various additional features or function, asillustrated in FIG. 4. As shown in FIG. 4, the administrator of theaccount for a subscriber named Mike is given the ability to manage fiveadditional features associated with Mike's Kajeet™ phone (kajeet is atrademark of kajeet, Inc.), certain types of downloads 52 (e.g.,ringtones, wallpaper, games and applications), feeds 54, mobile websurfing 56, picture messaging 58 and instant messaging 60.

For example, Mike's parent could decide that picture messaging is toodangerous for Mike because of his age and decide to disable thatfeature. To do so, as illustrated in FIG. 4, the parent would select the“Edit Setting” link with picture messaging 58, and then change thesetting from its current setting of “Allowed” to “Not Allowed,” as isthe case with mobile web surfing 54 as shown in FIG. 4. Mike's parentcould likewise decide to enable an instant messaging subscription. Asshown in FIG. 4, instant messaging 60 is currently set to “UnlimitedMonthly,” but it could be set to “Not Allowed” or “50 Message/Month” or“$10/Month,” or almost any other setting that made sense to use.

The parent could also have the option of enabling or disabling a groupof services all at once, as illustrated in FIG. 5. In this case, whenthe “Edit Setting” link for feeds 54 was selected, a new feeds page 70was displayed that presented the parent with the ability to allow ordisallow feeds, which are a form of text messaging. As shown in FIG. 5,turning off feeds would disable all SMS or text messaging, not just thefeeds described on page 70. Naturally, feeds page 70 could be set updifferently, so that text messaging was allowed, except for textmessages being sent by kajeet, or maybe only certain types of textmessages sent from kajeet—the options are truly endless. Likewise, anyfeature could be established to be configured by the user in manydifferent ways. For example, instead of having separate settings fordownloads 52, mobile web surfing 56, and instant messaging 60, all threeof these features could be disabled with a single “off” switch, etc.

The actual users of the phone might also have the same or similaroptions with respect to the feature manager as the administrator, butthe administrator might have the ability to override the user and/orprevent the user from doing something in the future. Alternatively, theuser could have functions that they could enable on their own. Forexample, a child using a cell phone might have the ability to sign upfor Instant Messaging 60, but the parent might decide that it costs toomuch money, turn the subscription off, and prevent the kid from signingup for it again. Likewise, a child might be able to turn on ringtonesand wallpaper downloads 52, which the parent could then turn off ifneeded, but only the parent could turn on games and applications. Aspreviously stated, the combination of options is unlimited.

Further enhancements to the feature manager could include the ability tolimit how much of a specific feature can be used, when it can be used,whether dynamic wallets can be used with that feature, picking a groupof users attached to that account that the settings apply to, etc.

As previously noted, a service provider could also establish promotionalwallets or enable dynamic wallets. Although the global rules and localrules determine the interaction between user wallets and administratorwallets, as additional types of wallets are added, a hierarchy betweenthe wallets would be required to ensure that requested services weretaken from the most appropriate wallet first. Under this hierarchy,before the global or local rules were checked to determine which walletwas designated by the administrator to pay for a service, thepromotional wallet would be checked to determine if the service would becovered by the promotional wallet. For example, if a promotion involvedgiving 10 free voice minutes to a user, those 10 minutes would be placedin a “voice” promotional wallet that would then be used first beforedetermining whether additional minutes would be taken from the user'swallet or the administrator's wallet.

However, the global and local rules would still need to be checked tomake sure that the service was permitted. This prevents a promotionalwallet from being used to call a 900-number when calls to 900-numberswould otherwise be blocked by the global rules.

As discussed above with respect to Grandma's wallet in FIG. 3, a dynamicwallet would be a wallet that was set up by someone, like a grandparent,but that was not necessarily tied to any particular user or device/phonenumber. Like the other types of wallets, a dynamic wallet could befilled with funds or units and used to enable a variety of services fora number of other users or the user of the dynamic wallet by eitherbeing associated with one or more devices or one or more wallets. Toprevent conflicts with an administrator's wallet or a user's wallet, adynamic wallet would not be able to authorize services for a user thatwere blocked by the administrator, but could pay for those services thatwere allowed. A dynamic wallet could also be configured to takeprecedence over a promotional wallet or even a user's wallet withrespect to paying for services, or could simply be used as an additionalbackup wallet in the unlikely event all of the other wallets for a phonewere not available, as previously described.

Although the wallets described herein are described in the context ofbeing used with a mobile device, particularly a pre-paid cellular phone,wallets could be associated with any type of communication device, asdescribed above. Some of the key features of wallets in the context ofthe present invention are: (1) that they enable real-time management orcontrol of a device; (2) that each device requires at least two walletsto be associated with it, at least one user wallet and at least oneadministrator wallet; (3) that an order of precedence can be establishedbetween the wallets, as to which wallet pays for what, and any walletcan be used to back up a payment by a second wallet in the event thesecond wallet is low on funds/credits; and (4) that local rules andglobal rules can be established for the wallets that enable theadministrator to manage the functions of a device in many differentways, including who can be contacted, what transactions are permitted,what time of day the device and features/functions can be used, whatfeatures or functions are enabled, etc. Global rules and local rules canbe applied in order, so as to result in two separate decisions, or atthe same time as a single decision (e.g., if local rule Xis true andglobal rule Y is true, then allow the function to proceed).

Hence, the present invention, while illustrated and described in termsof a preferred embodiment and several alternatives herein in associationwith the various drawing figures, should not be limited to just theparticular description contained in this specification. Additionalalternative or equivalent components and steps could be used to practicethe present invention.

What is claimed is:
 1. A system for controlling a computing device, thesystem comprising a memory bearing instructions that, when executed onthe system, cause the system to at least: allocate a subset of units ofvalue to an allowance, the allowance being associated with the computingdevice, the allocation being based on input associated with anadministrator of the computing device, the units of value beingassociated with a plan that manages one or more functions associatedwith a plurality of computing devices that include the computing device;generate a first rule based on input associated with a service providerof the plan and the input associated with the administrator, the firstrule determining whether a use of a function of the computing device ispermitted independently of the plan and whether the use of the functionis permitted independently of the allowance when the use of the functionis permitted dependently on the plan, the determination being based onwhether the use of the function causes the computing device to interactwith another computing device associated with a list of one or moretrusted contacts; and generate a second rule based on the inputassociated with the administrator, the second rule being applicable whenthe use of the function is permitted dependently on the plan, and thesecond rule determining whether a cost associated with using thefunction is charged to the subset allocated to the allowance or to unitsof value associated with the plan and unallocated to the allowance. 2.The system of claim 1, wherein the allowance limits a use of thefunction of the computing device based on the units of value allocatedto the allowance.
 3. The system of claim 2, wherein the functioncomprises at least one of voice calling, messaging, data surfing,gaming, content accessing, goods purchasing, and service purchasing. 4.The system of claim 1, wherein the computing device is a mobile phone,and wherein the units of value comprise credits representing services orapplications provided by the service provider.
 5. The system of claim 1,wherein the input associated with the service provider is used tospecify whether using the function is permitted independently of theplan, and wherein the input associated with the administrator is used tospecify whether using the function is permitted dependently on the plan.6. The system of claim 5, wherein the list of one or more trustedcontacts is defined based on the input associated with theadministrator.
 7. The system of claim 5, wherein the input associatedwith the administrator is further used to specify whether using thefunction is permitted dependently on the allowance.
 8. The system ofclaim 1, wherein the second rule determines to charge the cost to unitsof value associated with the plan and unallocated to the allowance whenthe allowance lacks sufficient units of value to pay for using thefunction and when the use of the function causes the computing device tointeract with the other computing device.
 9. The system of claim 1,wherein the second rule determines to charge the cost to the allowancewhen the allowance comprises sufficient units of value to pay for theuse of the function.
 10. The system of claim 1, wherein the second ruledetermines to charge the cost to the allowance when the allowancecomprises sufficient units of value to pay for the cost and when the useof the function causes the computing device to interact with a computingdevice unassociated with the list of one or more trusted contacts. 11.The system of claim 1, wherein the instructions, when executed on thesystem, further cause the system to generate a third rule that overridesthe second rule.
 12. The system of claim 11, wherein the third ruledetermines to charge the cost to the allowance even if the second ruledetermines to charge the cost to the units of value associated with theplan and unallocated to the allowance, the third rule applying when theunits of value associated with the plan and unallocated to the allowanceare insufficient to pay for the cost.
 13. The system of claim 11,wherein the third rule determines to charge the cost to a third party.14. The system of claim 13, wherein the third party is the serviceprovider or a sponsor.
 15. The system of claim 13, wherein the inputassociated with the service provider specifies when the third ruleoverrides the second rule.
 16. A non-transitory computer readablestorage medium comprising instructions that, when executed on a systemconfigured to manage a computing device, cause the system to at least:allocate a set of units of value to an allowance, the allowance beingassociated with the computing device, the allocation being based oninput associated with an administrator of a plan that is associated withthe units of value, the plan managing one or more functions of aplurality of computing devices that include the computing device;generate a first rule that is agnostic of the computing device, thefirst rule determining whether performing a function of the computingdevice is permitted independently of the plan; generate a second rulethat depends on the computing device, the second rule being applicablewhen performing the function depends on the plan, and the second ruledetermining whether performing the function is charged to the allowanceor to units of value associated with the plan and unallocated to theallowance; and generate a third rule that depends on the plan, the thirdrule determining whether applying the second rule is charged to units ofvalue associated with the plan.
 17. The non-transitory computer readablestorage medium of claim 16, wherein the third rule is defined based oninformation associated with a service provider of the plan.
 18. Thenon-transitory computer readable storage medium of claim 17, whereinapplying the second rule is associated with units of value charged bythe service provider to the plan.
 19. The non-transitory computerreadable storage medium of claim 17, wherein the third rule isassociated with a promotion defined based on information associated withthe service provider, wherein the promotion allows a charge associatedwith applying the second rule to be reduced.
 20. A method for managing amobile device, the method comprising: causing generation of a graphicaluser interface for display to an administrator of the mobile device, thegraphical user interface comprising one or more fields for inputtinginformation associated with a determination whether an execution of afunction of the mobile device is to be allowed and whether the executionof the function is to be charged to an account associated with a user ofthe mobile device or to an account associated with the administrator;generating a plan based on the information inputted at the graphicaluser interface, the plan comprising a list of allowed contacts, a listof blocked contacts, and a rule that determines whether the function,when executed, is to be charged to the account associated with the useror to the account associated with the administrator; allowing ordisallowing the execution of the function based on the generated plan;and when the execution of the function is allowed, charging theexecution of function to the account of the user or to the account ofthe administrator based on the generated plan.
 21. The method of claim20, wherein the one or more fields comprise one or more of a time-basedrestriction, a location-based restriction, and a function-basedrestriction.
 22. The method of claim 20, wherein the one or more fieldscomprise a selection associated with a contact, wherein the selection isto determine whether the contact should be allowed or should be blocked.23. The method of claim 22, wherein the contact is associated withanother computing device.
 24. The method of claim 23, wherein theexecution of the function allows the mobile device to interact with theother computing device.
 25. The method of claim 20, wherein the planfurther comprises a list of trusted contacts, wherein the ruledetermines to charge the account associated with the administrator whenthe execution of the function causes the mobile device to interact witha computing device associated with a trusted contact from the list oftrusted contacts and when the account associated with the user lackssufficient funds to pay for the interaction.
 26. A system forcontrolling a first computing device, the system comprising: means forallocating units of value associated with a plan to a first allowance,the plan being associated with an administrator and the first computingdevice, the allocation being based on input associated with theadministrator, the first allowance being associated with a function ofthe computing device; means for generating a first rule based on inputassociated with a service provider of the plan and the input associatedwith the administrator, the first rule determining whether a use of thefunction is permitted independently of the plan and whether the use ofthe function is permitted dependently on the first allowance when theuse of the function is permitted dependently on the plan; and means forgenerating a second rule based on the input associated with theadministrator, the second rule being applicable when the use of thefunction is permitted dependently on the plan, and the second ruledetermining whether the use of the function is charged to units of valuein the first allowance or to units of value that are associated with theplan and that are unallocated to the allowance.
 27. The system of claim26, wherein the plan is shared between the first computing device and atleast a second computing device associated with administrator.
 28. Thesystem of claim 27, wherein the second computing device is associatedwith a second allowance, and units of value associated with the plan andunallocated to the first allowance are allocated to the secondallowance.
 29. The system of claim 28 further comprising means fortransferring units of value between the first allowance and the secondallowance.
 30. The system of claim 28, wherein the second ruledetermines to charge units of value to the second allowance when the useof the function causes the first computing device to interact with athird computing device associated with a trusted contact and when thefirst allowance lacks sufficient units of value to pay for theinteraction.